{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7813,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T13:07:09.728281775Z | 250 | PC: 12a50 | UNKNOWN! |
| 2018-12-25T13:07:09.729965627Z | 42 | PC: 12a6a | Get date 0x12a6a: cmp dl, 2 0x12a6d: jne 0x12a76 0x12a6f: mov byte ptr cs:[bp + 0x2b1], 1 0x12a75: nop 0x12a76: mov ax, ds 0x12a78: dec ax 0x12a79: mov ds, ax 0x12a7b: cmp byte ptr [0], 0x5a 0x12a80: jne 0x12abf 0x12a82: sub word ptr [3], 0x180 0x12a88: sub word ptr [0x12], 0x180 0x12a8e: mov es, word ptr [0x12] 0x12a92: push cs 0x12a93: pop ds 0x12a94: mov si, bp 0x12a96: mov cx, 0x4e6 0x12a99: xor di, di 0x12a9b: rep movsd dword ptr es:[di], dword ptr [si] 0x12a9d: xor ax, ax 0x12a9f: mov ds, ax |
| 2018-12-25T13:07:09.732118392Z | 1 | PC: 12b42 | Character input |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7813,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:48.535835308Z | 250 | PC: 12a50 | UNKNOWN! |
| 2018-12-25T12:02:48.538090908Z | 42 | PC: 12a6a | Get date 0x12a6a: cmp dl, 2 0x12a6d: jne 0x12a76 0x12a6f: mov byte ptr cs:[bp + 0x2b1], 1 0x12a75: nop 0x12a76: mov ax, ds 0x12a78: dec ax 0x12a79: mov ds, ax 0x12a7b: cmp byte ptr [0], 0x5a 0x12a80: jne 0x12abf 0x12a82: sub word ptr [3], 0x180 0x12a88: sub word ptr [0x12], 0x180 0x12a8e: mov es, word ptr [0x12] 0x12a92: push cs 0x12a93: pop ds 0x12a94: mov si, bp 0x12a96: mov cx, 0x4e6 0x12a99: xor di, di 0x12a9b: rep movsd dword ptr es:[di], dword ptr [si] 0x12a9d: xor ax, ax 0x12a9f: mov ds, ax |
| 2018-12-25T12:02:48.540812244Z | 1 | PC: 12b42 | Character input |